- Fixed a bug that would make certain sites end up in a infinite redirect loop

- HSTS headers now get deleted
2025-07-08 05:51:48 -07:00 · 2015-03-13 18:37:16 +01:00 · 2015-03-13 18:37:16 +01:00 · 10468bfa5e
commit 10468bfa5e
parent cb09a12164
3 changed files with 7 additions and 4 deletions
--- a/libs/sslstrip/ServerConnection.py
+++ b/libs/sslstrip/ServerConnection.py
@ -125,8 +125,7 @@ class ServerConnection(HTTPClient):
                self.isCompressed = True

        elif (key.lower()== 'strict-transport-security'):
-            value="max-age=0"
-            logging.info("Zapped a strict-trasport-security header")
+            logging.info("%s Zapped a strict-trasport-security header" % self.client.getClientIP())

        elif (key.lower() == 'content-length'):
            self.contentLength = value
--- a/libs/sslstrip/URLMonitor.py
+++ b/libs/sslstrip/URLMonitor.py
@ -76,6 +76,10 @@ class URLMonitor:
        method      = url[0:methodIndex]

        pathIndex   = url.find("/", methodIndex)
+        if (pathIndex == -1):
+            pathIndex = len(url)
+            url += "/"
+
        host        = url[methodIndex:pathIndex].lower()
        path        = url[pathIndex:]